Russian Hacking Report in Context

On December 29, the Department of Homeland Security took an unusual step:  it released a report detailing Russian civilian and military efforts to hack organizations, companies, and educational institutions in the United States.  It’s sobering reading, and follow-on news reports have indicated the attackers’ success at penetrating networks well beyond those of the Democratic Party.  You can read it here. If the US Government, the Democratic Party, and universities with all of their resources were unable to stop the Russian attacks, what possible chance can a small/medium business have? The answer is: more than you would think.  The hackers got some of their initial access to these compromised systems by tricking users into providing their passwords.  Once the hackers had those passwords, they leveraged that access to gain additional access to other systems.  Even small businesses can interrupt this chain of events at several points, making it much more difficult for hackers to gain a foothold.  The techniques are simple and inexpensive: Make sure everyone in your company understands phishing schemes and how to recognize them.  A phishing scam is an attempt to trick someone into providing username and password information to a hacker.  Spearphishing is a phishing attack customized to a particular individual. Do not allow people to have administrative privileges on their computers.  This prevents them (or viruses acting under their credentials) from installing hacking tools on a computer. Change passwords regularly and use different passwords for different accounts.  In other words, the password to your work computer should be different from the one you use on, say, your Yahoo account.  Password manager software (such as LastPass or Dashlane) makes it easy to track and change passwords. Ensure your computers install security updates from Microsoft, Apple, and Adobe automatically. Install antivirus software on your computers Your technical team can take a few other steps to help you stay safe: Install a firewall if you don’t have one, and review your firewall to tighten it up as much as possible.  A firewall is a device that stands between your network and the rest of the world, blocking unauthorized access. Configure spam filters to be as restrictive as possible and use Sender Policy Framework (SPF) records to reduce the likelihood of phishing messages. Confirm backups run regularly and periodically test those backups. Questions?  Concerns?  Want some help conducting a cyber security risk assessment?  Give us a call, we’re happy to help. The post Russian Hacking Report in Context appeared first on Ntiva.

Strong Passwords Explained

It seems we don’t get a week without some major company being hacked, having data lost or released, or some kind of breach. With all that’s happening, security has been more on the forefront of IT than it has been in recent years.  I’m generally surprised when I talk to end users and discover how little they understand about the importance of security and most importantly password security. I’m going to give a very high level view of one form of password cracking, the most prevalent, to my knowledge, and explain how the strength of your password effects an attacker’s ability to compromise it, and your systems. Brute force hacking is a type of hacking where, in the case of passwords, every combination of letters, numbers, and symbols is tried until the correct password is found. As you can imagine this is a very time consuming process, but what difference does adding a number or symbol really make? Here’s the math. An 8 character password, upper and lower case only, provides 200 Million possible combinations. That’s a lot, but let’s put that in context. A decent brute force cracking machine can crack a 8 character simple password in about 6 hours. So how much of a difference does a number make? Well the possible combinations of letters, upper and lower case, and a number goes from 200 million to just under 3 billion. If you add a special character, like an exclamation point that number climbs to over 500 billion combinations. At that point a simple brute force is out the window and can no longer be used in any realistic amount of time. For those of you wondering, increasing your password length from 8 to 10, including upper, lower, numbers, and symbols results in 2.4 quintillion password combinations. As you can see, simply having a complex password drastically increases the difficulty of cracking your password in traditional brute force methods. So what does the attacker result to then? Facing 500 billion password combinations they need to narrow that focus. That’s where a dictionary attack comes into place. A dictionary attack is similar to a brute force attack, except that instead of testing every single combination of letters and numbers, it tests a dictionary of words. This can be a littler more accurate and faster, since very few users actually use a series of numbers and letters without meaning. This is where it gets complicated though. Even with a dictionary attack, and adding options for common letter substitutions (exclamation point or number 1 for letter i, etc), a targeted dictionary attack is still very large and time consuming. What an attacker would probably work on next is targeting the dictionary attack through social engineering. They would create a custom dictionary with pet names, car types, family names, any specific information to you. You may think that using your dogs name and wife’s birthday is a sneaky password, but you’re actually making it easier. Fido3285 isn’t hard to guess, and even going with F!d03285 isn’t much stronger. Your best passwords, if you want to make it really difficult to compromise your systems, aside from a random string of letters and numbers that you will never remember, is a non-dictionary word that is in no way related to you, with number/symbol/letter substitutions. Pick a word, then pick another unrelated word. Cantaloupe and Java. Combine them, add some symbols and numbers, and you have yourself a stronger than average password. J@v@L0upe! (This is not my password) The idea of password, and by extension network, security isn’t to make yourself completely impenetrable. That’s not realistic and technologically impossible. The goal is to make yourself a hard target for hacking, so that an attacker moves on to a softer target. The last thing I will say on this is, please don’t use the same password, or variations of the same password for everything. Your email and your bank should not have the same password. Also, if any of your applications, such as your bank, retirement, email, etc., support dual factor, or 2 factor authentication, use it. It’s not difficult and it adds a few extra seconds of authentication time, but drastically decreases the chances of you being hacked. Hopefully this article has helped you understand some of the mechanics of password cracking. Hopefully a deeper understanding will help you understand why your admin forces strong and complex passwords. If this was helpful, please share it. I freely admit, to my peers, that this is a very oversimplified description of password security, so trolls be gone. The post Strong Passwords Explained appeared first on Ntiva.

Is it time to rebuild your network from scratch?

Okay… Here’s how 90% of the networks I’ve seen have been built. Tell me if this sounds like you. You started with a fairly small, unsophisticated network. You probably had a single server, maybe even a workstation that was utilized as a server. You have a basic switch that you got from BestBuy or Amazon, probably DLink or Linksys. You had a basic firewall, probably SonicWall. As things progressed, you added to the network, maybe a bigger switch, maybe another server, maybe you integrated some kind of cloud services, but generally, your network wasn’t intelligently designed, it was pieced together over the years as your needs changed, your network changed. And, it probably works…ish. Most of the time it’s fine, when it fails though, it’s a little bit of a game digging through old configurations, services that weren’t properly removed, switches under peoples desks, a mix of old and new cabling, maybe a random wireless router you added. Does that sound familiar? It probably does, that’s how most networks look. Eventually you reach a point either in size or sophistication that you decide it’s time to rip it all out and start from scratch. Generally well designed networks require less upkeep, maintenance is easier, and configurations are standardized according to Microsoft or manufacturer best practices. Intelligent networks are easier to maintain and much easier to fix. So when is it time? Most of the time, customers wait until they have a major disaster and are looking down the barrel of tens to hundreds of man hours to repair, and that’s the point that they decide to just start from scratch. At that point you’re either spending a lot of man hours to put it back the way it was or the same amount of man hours to redesign it, so the math is easy. A better approach is to segment your network into different pieces, and upgrade/redesign them individually. Generally I recommend starting with the infrastructure project. Infrastructure, in this instance, refers to the network hardware. Switches, access points for wireless, firewalls, cabling (if necessary). Since that is the backbone of the network, I recommend standardizing that first. After that core services is the next logical place to start. Look at what you’re using and have a systems architect draft a few proposals for redesigning it. If you’re using a local email server, maybe it’s time to look at cloud based messaging. If you have all of your servers and services on premise, it might be time to look at using a cloud based, private or public, hosting facility. Many of these options offer a tradeoff, financially. The upfront cost of migrating is higher, but the follow on maintenance is much lower than you’ve been paying. Once your core services and infrastructure are up to spec, it’s time to look at ancillary services. You might consider moving your phones to a cloud based VOIP provider to increase user mobility. It may be time to look at printers and copiers and see if there’s better deals on newer units that require less maintenance and represent less downtime and operating cost. Finally, the last step is generally the user experience. Are you still running Windows 7? Do you have workstations that are older than 3 or 4 years? Is there an intelligent design to your workstation refresh program? These are all end user considerations that will streamline and control your costs. Many customers wait until all 25 of their computers are 5 years old and then have a massive project to refresh everyone. This represents both a significant upfront cost and a major user interruption. A more intelligent design is to select a standard rotation timeline (somewhere between 3 and 5 years is standard) and then divide your workstations by the rotation timeline, and that gives you the number of workstations you should be refreshing each year. By staggering the rotation you have a consistent hardware cost for end user hardware and you spread the disruption over many years, instead of a few months. In the end a well-designed network represents less downtime, simplified maintenance, and less operating costs. When you decide to pull the trigger on executing is ultimately up to you, but I always recommend you make the decision yourself before a major failure makes the decision for you. The post Is it time to rebuild your network from scratch? appeared first on Ntiva.

Phishing Tips and Identifying a Scam

Phishing—It’s not just about investment opportunities in Nigeria anymore! It wasn’t that long ago that the most sophisticated scam email we would see in our Inboxes was a note from some supposed businessman looking for assistance with a cash transaction.  The threat landscape has changed dramatically in the past year, with phishing emails becoming more advanced and almost indistinguishable from a legitimate email.  All is not lost, however, and this guide will provide some tips for identifying the wolves among your flock of otherwise peaceful email. What is phishing? At the simplest level, it’s a fraudulent piece of email engineered to get you to complete a task you otherwise would not perform.  Those tasks might be transferring money to an account in the Caymans, providing a stranger with your login credentials, or installing a virus on your computer.  Phishing attacks succeed because they fool you into thinking they are messages from something or someone that you trust, and attackers are getting better and better at pretending to be trustworthy.  You’ll receive phishing emails that seem to be from people you know, maybe even your boss. How do I tell a phishing email from a legitimate one? How do you know that your boss really isn’t telling you to transfer $10,000 to a numbered offshore bank account?  You need to pay attention to the details in a message.  Most phishing scams look similar to something that you’d receive from a legitimate source, but rarely are they identical to legitimate messages. For example, you may receive a message from Citibank telling you to log into your account providing a link to check on a transaction.  You know, however, that your bank has told you that it never sends you emails with login links.  That discrepancy is your clue. Links in the suspicious email are your best identifier that something is phishy.  Take this screen shot below: When I placed my cursor over the link WITHOUT CLICKING, it showed the link’s URL.  This link clearly wasn’t going to FedEx.  You’ll notice as well that the FedEx address isn’t even correct. Many phishing emails are closer to the real thing than this is, but the same techniques apply.  If you receive an email for an Office 365 document link, for example, all you need to do is drift your cursor over that link.  You’ll notice that the link does not go to office.com or Microsoft.com, but some random website that the phisher hijacked. Ha!  I’ve spotted a phishing email.  Now what? Please forward it to your IT help desk so they can analyze the message and configure the spam filter to have a better chance of stopping the phishing message in the future. Where can I learn more about phishing? https://www.us-cert.gov/ncas/tips/ST04-014 Offers some basic tips. https://www.it.cornell.edu/security/phishbowl.cfm Is Cornell’s database of current phishing scams they’re seeing on campus.  It’s a great way to familiarize yourself with the types of messages out in the wild. http://www.consumerreports.org/money/how-to-protect-yourself-from-phishing/ The folks at Consumer Reports also have a clear guide with some useful links.   The post Phishing Tips and Identifying a Scam appeared first on Ntiva.

What is a SysAdmin and why do I need one?

In IT there are a lot of Industry terms that aren’t well defined. Your IT provider may supply you with a technician and use terms ranging from Engineer, Field Engineer, Technician, and SysAdmin. SysAdmin, or Systems Administrator is generally considered to be the top of the food chain, as far as IT and Systems Engineering goes. The difference between a tech and a SysAdmin is similar to the difference between a cook and a Chef. You might be one of the best cooks in the world, wowing diners with your amazing dishes, but you’re not a Chef. A Chef manages the kitchen, budget, orders , plans the menu, manages the maintenance of the kitchen equipment, and sometimes, when all of that is done, they cook. A SysAdmin is the same. We get brought in on high level technical issues when nobody else can figure it out, but generally we aren’t the ones you call when your system breaks. We’re the ones you call to keep your system from breaking. Common SysAdmin tasks are things like evaluating your backup and disaster recovery system, implementing multi-tiered recoverability, designing a plan for rolling out important security, operating system, and software patches, and reviewing your infrastructure design and ensuring it’s capable of meeting your needs today and in a year. So why do you need a SysAdmin? The argument I always hear is “We’ve been working this way for years, and it’s fine the way it is.” The problem with that statement is this. If you don’t have a SysAdmin you don’t know what you don’t know. You have systems in place that you may have never had to use in a large capacity, such as your backups. If you’re running basic single tier backups, meaning just backing up your data to one location and never testing it, you may be in for a surprise the first time you suffer a major system failure. I’ve worked with organizations that are still using backup tapes or are still backing up to hard drives and manually taking them off site. Backup tapes are highly susceptible to failure. Hard Drive rotations require too much human intervention. I can’t tell you how many times I’ve attempted to restore from an external disk only to find that either the disk hasn’t been rotated recently, or it was taken home and stored in someone’s car, in 90 degree Washington DC heat, which basically destroys the disk. Trust me, you don’t want to find out your backup aren’t working after you need them. A SysAdmin looks at all of this and ensures that your business is capable of not only surviving a major failure, but is protected against minor problems, such as security breaches, system failures, and large capital expenses. That last one might seem like a weird role for IT, but think about this. How many computers does your organization have, and how often are you replacing them? Are you waiting until they are completely obsolete or outright fail before you replace them? A large part of SysAdmin work is planning for and maintaining a up to date system. That means installing a regular rotation of hardware based on an approved schedule. General PC replacement should be done between 36 and 60 months. Most fall in around the 48 month time frame. What this does is ensure that you are slowly replacing aging hardware, instead of suddenly having to purchase 25 new computers all at once. That kind of massive replacement is not only very expensive, but very disruptive to your business and time consuming. Bottom line is, and I’ve already said it, you don’t even know what you don’t know. If you’re not employing a SysAdmin, even on a part time basis, you should be. You’d be surprised at how spending a little money having an expert plan for you will save you a lot of money later, and whether you suffer a major failure now, soon, or you already have, you will. Even having meeting with a SysAdmin a few times a year to audit and plan for your systems health and upgrades can save you huge budget expenditures later. The post What is a SysAdmin and why do I need one? appeared first on Ntiva.

Why Businesses Should Switch to Windows 10

Windows 10 has a number of features which make it distinct from its predecessors and one area in particular where it has shown improvement is in security. The importance of security cannot be overstated for modern businesses, especially when one considers the number of employees who are using their mobile devices for work related tasks. Below are some ways in which Windows 10 can make your business more secure. It Offers Increased Identity Protection Security threats are evolving rapidly in ways which may be difficult for Windows 7 or 8 to counter. One such area involves the protection of identity. Windows 10 offers three methods for identity protection, and these are Azure Active Directory, Microsoft Passport and Windows Hello. Azure Active Directory is a complete cloud solution for identity protection, while Microsoft Passport is an easy to use system for multi-factor passwords and Windows Hello utilizes biometrics to access devices. It Protects Your Data Identity protection does you little good if it isn’t combined with the protection of data, and Windows 10 does this exceedingly well through the usage of BitLocker and Enterprise Data Protection. BitLocker conceals data in the event that the device it is stored on is stolen, and it does this via encryption. While Windows 7 also has this feature, it is much more powerful on Windows 10 and can be used automatically. Enterprise Data Protection will protect your data anywhere it is stored, whether on a laptop or mobile phone. This is done through a combination of containerization as well as data separation and encryption. It Secures Devices While Actively Resisting Threats Device Guard is a Windows 10 feature which forces applications to prove themselves trustworthy before being allowed to operate. Any application which is unknown or untrusted won’t be able to function. Additionally, Device Guard blocks modification by both malware and even administrators. Windows 10 also secures devices by hardware, which means that it assists in confirming and maintaining hardware and the integrity of the system. UEFI Secure Boot is a mechanism which stops malware from placing itself inside the hardware or activating prior to the start of the OS. In order for businesses to protect themselves, they must first understand the threats they face. Cybercriminals are no longer just mere hackers working alone and instead may be part of a larger organization. The sole purpose of these organizations is to steal and use valuable data, and businesses which are not properly secured are vulnerable to their data being compromised and used against them. While some Windows 10 features have been the subject of controversy, many companies, especially those which operate in the IT sector, will be pleased with their functionality. The consequences of being successfully targeted by cyber criminals cannot be underestimated. Companies have lost millions of dollars due to security breaches, loss of data and DDOS attacks. This doesn’t include fines, legal fees and the loss of good will which will result from a successful cyber attack. It is for this reason that businesses should consider upgrading to Windows 10. The post Why Businesses Should Switch to Windows 10 appeared first on Ntiva.

How Managed IT Helps Your Bottom Line

Because IT is constantly evolving, it can be challenging for smaller businesses to remain updated with the newest technology. Part of this is due to the costs involved with making upgrades, but newer technology also requires knowledge to be used effectively. One way for businesses to stay relevant with IT is through the usage of managed IT services. What are Managed IT Services? Managed IT services involve the process of delegating daily management procedures in a manner that improves the efficiency of operations. While managed IT services are commonly used by large enterprises, they are far less common among smaller businesses. However, there are a number of reasons these businesses should consider the implementation of these services. Some of these reasons include: A Reduction in Downtime A smaller IT department that consists of little more than a couple of employees is usually not capable of effectively dealing with downtime, and must rely on outside support when something goes wrong. Resolving the problem could take days, reducing the company’s revenue. Not only does managed IT reduce downtime, but it reduces the need to spend long periods of time waiting for assistance. Managed IT Services Ensure Your Business is Compliant Depending on which industry your business is based in, you may be subject to all sorts of regulations and requirements, many of which are difficult to understand or comply with. Managed Service providers specialize in these regulations, and keeping up-to-date with them. They can also help you avoid fees by ensuring your technology is in compliance with all regulations, and stays that way. Managed IT Services Cost Less over Time Many small to medium sized businesses are turned off by managed IT services due to the hefty price tag, but this is only up front. Over the long run, managed services save money because they increase productivity while ensuring the business doesn’t lose customers due to a lack of satisfaction. Managed IT Services Offer Solutions which are Cutting Edge Managed IT services specialists are on the cutting edge of IT, and are always aware of new developments. This means that they can bring a great deal of experience and information to your firm, which will give you an edge over your competition. They also utilize economic scale, which means that you get access to affordable solutions that in the past were restricted to multinational corporations. At the rate that IT is evolving, few small or even medium sized businesses can keep up. Equipment must be upgraded frequently, and new IT specialties are being introduced all the time. Most businesses are simply not prepared to deal with this pace, which is why managed IT services can help them bridge the gap. The majority of entrepreneurs are not specialists in Information Technology, and they don’t desire to be. Their goal is to focus on the skill sets which are needed to run their companies effectively, without having to deal with the headache of managing infrastructure for IT. It is for this reason that these entrepreneurs should consider outsourcing their IT management to a reliable managed IT service provider with a proven track record of success. The post How Managed IT Helps Your Bottom Line appeared first on Ntiva.

How To Secure Your Mobile Device Network In The Workplace

A growing number of employees are bringing their mobile devices to work, and are using them for work related tasks. The good news is that these devices increase employee productivity. The bad news is that mobile devices, when handled improperly, can become a security risk. In the past, many companies responded to mobile devices by simply banning them outright, but changes in technology and society are making such measures both onerous and ineffective. Below are some steps that employees can take to secure their devices in the work place, and employers should ensure that these measures are being followed. Use Mobile Device Management Tools The risks associated with mobile devices come in two forms, and this is the device itself, and any third party applications that can be installed on it. If a mobile device containing confidential company information is not encrypted, and is stolen, this exposes the company’s data to unauthorized parties. Malicious third party apps which are installed on mobile devices could penetrate corporate networks, compromising confidential data as well as damaging the network itself. A Mobile Device Management (MDM) tool can prevent these problems by restricting the devices which are allowed to access specific types of information on the mobile device network. Additionally, MDMs also provide encryption, remote locking, distribution of software and provisioning for both configuration and devices. Teach Employees about Risks Associated With Mobile Devices and Downloading Apps Employees must be taught the risks involved with downloading apps to their mobile devices, and equally important, employers must place restrictions on the applications that can be downloaded from their network. Employees must be taught basic skills such as how to secure their devices to avoid theft, and how to properly encrypt them in case they fall into the hands of unauthorized users. One solution is for employers to only allow downloads from a private, corporate source, as opposed to public shops such as iTunes. When Developing a Proprietary App be Sure to Detect Vulnerabilities It is becoming common practice for corporations to develop in-house mobile applications. These applications are useful because they allow companies to communicate with clients and conduct business with them over long distances. These applications will typically have an authenticated process for acquiring specific information, which is usually stored on the company’s database. The danger is that when these in-house applications are not properly tested, they may have vulnerabilities that cyber criminals can exploit. Vulnerabilities can remain undetected even by developers that are experienced. This is why it is crucial for developers to stringently test their applications before release, and things to watch for include server side controls that are weak, data storage which is not secured, weak transport layer protection, insufficient authentication or authorization, leakage in the side channel, damaged cryptography and incorrect session handling. Any of these areas can be a source of vulnerabilities, and when released to the public without thorough testing hackers will be quick to exploit them. Following these procedures will allow companies to greatly reduce the problems posed by mobile devices. The post How To Secure Your Mobile Device Network In The Workplace appeared first on Ntiva.

Hiring IT Staff And Learning To Spot The Red Flags

The quality of the IT personnel you hire for your company can make the difference between success and failure. One reason for this is because hiring employees is expensive, but hiring the wrong employees is even more so. When you recruit the wrong people a great deal of energy must be spent resolving the situation which wastes time, money and opportunity costs. Below are some warning signs you should watch for during the hiring process, as they will help you weed out employees that don’t suit your needs. They Lack a Verifiable Track Record of Success Because of the high costs involved with hiring an employee, you should make sure the IT staff you select have a track record of success that can be verified. Have they achieved any awards or recognition from previous employers, academia or industry publications? Any candidate can claim to have done this or that, but one who can point to concrete evidence of their success is the one you’ll want to hire. The Candidate Doesn’t Understand the Job During the hiring process, you’ll often come across candidates that have no idea what the job is about. These people are time wasters, and the goal of human resources should be to sift through them as quickly as possible. One way to achieve this is by asking candidates specific questions which are designed to test their knowledge of the job. During this questioning, use IT industry terms that only someone with experience would be familiar with. If their responses are incoherent, this tells you all you need to know. Demonstrates Unreliability for Simple Tasks Arguably the most important quality in an employee is reliability. If a candidate demonstrates unreliability for simple tasks, such as showing up on time, forgetting to respond to emails or sending documents, then this tells you this individual is not serious about the position, and will ultimately cause more problems than they solve. They Display a “Know It All” Attitude This phenomenon is seen in all industries, but is a particular cause for concern in Information Technology. There is no shortage of smart people in the IT field, and there is also no shortage of people who are arrogant and think they know it all. Be wary of candidates that are overconfident. Watch for those that speak condescendingly, disregard the contributions of others or are unable to describe a mistake they’ve made. An employee in the IT sector that doesn’t know their weaknesses or the limits of their knowledge is a liability. Their Values Don’t Match Those of Your Organization To detect candidates whose values differ dramatically from those of your organization, you must first be clear about what your company’s values are. For instance, if your company prioritizes collaboration or speed, applicants that aren’t aligned will ultimately cause problems. Oftentimes, human resource staff don’t emphasize this clearly during interviews, and it allows bad apples to slip through. Be sure that interviewers emphasize the company values to applicants, and can weed out those who don’t match them. Too many interviewers focus solely on the information the candidates put on the form, but this is only one factor that should be taken into consideration. The post Hiring IT Staff And Learning To Spot The Red Flags appeared first on Ntiva.

How To Cut Down On Your Business Telecommunication Costs

The 21st century is no stranger to major technological advancements that rock the world. Today, a phone is not only considered as a telephone, but a mini-computer and personal assistant combined into a single device! Today, affordable, accessible mobile technology has changed the way we live and it is almost impossible to run a business without a phone and a telecommunications service. For any business entity, a simple phone call can mean a fresh lead and a sales opportunity. The costs of telecom services are rising and the need to save money has become a highly important initiative for many businesses. Read on to find out more information on how you can cut down costs for your business while increasing the quality and overall efficiency of your operations. Audit and assess all the services you are paying for This is a great first step for small businesses to take when cutting costs that are associated with telecom services. It helps a lot when business owners make the effort to conduct a comprehensive audit and assessment of the existing services that their company is paying for. In fact, this is the best way to determine whether their money is properly spent. In addition to that, these assessments can also provide valuable insight into better solutions and alternatives to save costs. Take full advantage of discounts and refunds Oftentimes, some businesses are too cooped up with ongoing operations and fail you check on payable penalties and credits due to billing errors and other similar issues. It is pertinent that you take note of these matters as it could save your organization a substantial amount of money from the refunds and discounts owed by such billing errors. It just makes great logical sense to fully make use of them. Engage a telecommunication IT service provider This is one of the greatest ways to ensure your organization receives high-quality and cost-effective telecom services. These service providers are able to correspond to a wide range of carriers that provide both commercial and local data services, phone services, integrated voice data services and hi-speed internet access. A telecommunication IT service provider is also able to help you acquire services that are within your budget and means which will work out well in the long run. Identify and resolve any billing mistakes promptly When you discover billing mistakes, it is pertinent that you resolve them as soon as you can. These errors can come in a number of variations which include discontinued services or lines. If you ignore them, you may incur extra hidden costs that will accumulate over time and increase the bill. Additionally, there are contracts and quotations that have not been accurately reflected, and they require your attention as well. Auditing your telecom bills may seem time-consuming at first but it is definitely a good way to reduce your organization’s expenses. In today’s era, any type of company or business as well as startups requires telecom services at one point. It includes email services, international phone services or wireless services. Regardless of what services you plan to procure, you should always take the necessary steps to lower your expenses so that you can improve the bottom line for the company. The post How To Cut Down On Your Business Telecommunication Costs appeared first on Ntiva.

Top 5 BYOD Concerns That Employers Should Address

Today, many business organizations permit the use of employees’ personal devices such as smartphones or tablets in the workplace. The ownership of such devices is now the norm and the BYOD (Bring Your Own Device) practice is a growing demand. Despite the buzz, caution must be taken as this phenomenon might risk your corporate data through the employees’ personal devices. If your organization permits the use of employees’ devices within the business premises, there are a number of factors to consider when it comes to maintaining the security of your corporate data. Here are five BYOD concerns every employer should address. Termination policies When one of your employees decides to resign, whether as a result of termination or on amicable terms, the risk of data theft is surprisingly high. An outgoing employee could possess a personal device that’s full of company information, thus having a clear policy in place to deal with such circumstances is paramount. As preventing their access to documents and systems can take time, it is pertinent to manage this task before they leave. Training employees While having policies in place are essential, training your employees on using their personal devices for work is important as well. Your BYOD policies amount to nothing if you don’t train your employees on how they are or aren’t allowed to utilize their personal devices in the workplace. Additionally, you should educate them on what files can or cannot be accessed with their devices. It is pertinent that you provide comprehensive refresher courses from time to time, to ensure that they don’t lose sight of the rules. These are all vital steps of preventing a data breach. Backing up data Today, many mobile devices and systems have an automatic cloud backup function. There are also other more comprehensive cloud based solutions which your employees will take advantage of over time. While backing up data is a good IT practice, things may get problematic once business data is inside the device. There may be trade secrets or other private organizational information that should not exist within personal cloud storage. It is essential that you do not allow your employees to back up company data on their personal devices. Employee privacy and policy control While BYOD policies are vital for the protection of an organization’s data, don’t forget to protect your employees’ privacy too. Your policy should state clearly what kind of employee’s personal data is needed in exchange for a required amount of access. Additionally, adequate policy control is also needed to dictate specific data or systems to which type of BYOD devices is or isn’t allowed to access. Also, the policies should state that every employee is required to report any stolen or lost devices in a prompt manner for appropriate measures to be implemented. Keeping records While maintaining the protection and security of data on BYOD devices is important, accounting for all the business-related data that your employees create or consume on their device is also pertinent. Depending on the type of business you operate, there are different regulations to take note of to govern the data effectively. As an employer, you will need to be upfront when informing your employees that personal data should always remain separate from business data. If you have implemented your BYOD policies well, you will effectively minimize the risks of breaching your corporate data or corporate IT environment for that matter. The post Top 5 BYOD Concerns That Employers Should Address appeared first on Ntiva.

5 Email Security Must-Do’s For Your Business

Email has made significant changes as to how we communicate with each other – both for the better or worse. Many businesses today rely heavily on email communication and smaller business networks have become exposed to an increasing number of harmful malware programs which includes spyware, Trojan horses, worms and other computer viruses. Hence, it is not advisable to underestimate the importance of email security. It is pertinent that all business owners examine what will be at risk when sensitive data is included in their emails. In most cases, the business itself as well as network data will be at risk. Data loss is risky as it can create operational and financial burden which harms the business. Sadly, conventional antivirus and firewall solutions are no longer enough to protect from current and ongoing threats. This is also means that you must continually keep up with evolving business practices and security technologies as well. Let’s explore some good practices to keep your email security at an optimal level: Ensure all departments understand ongoing security policies Ensure that all key departments within your company understand security policies well. Also make sure they sign off on your analysis, retrieval, retention and email filtering policies. The department heads should make sure that they assist their respective department members to understand security policies. Educate your staff By doing so, you will impart valuable knowledge to them and help prevent the spread of viruses via phishing scams and suspicious email attachments. Ensure that they are well-informed enough to not open emails from any unknown senders and sources. Additionally, you should reiterate these policies on a frequent basis to see what works and what no longer works. Specify controls and policies with utmost clarity It is important to set rules and regulations that state what can be stored on user laptops and desktops. This will help your organization protect and control important data with a high level of effectiveness. You should also empower your IT administrators to enforce such policies and provide them with the right tools to do so. Stay attuned to threats It is pertinent that you are aware of all the major threats and countermeasures because they are constantly evolving. When you are well-prepared, you will be able to identify security loopholes better and take the necessary steps to mitigate potential harm. If you have no time to do these things yourself, having a trusted technology partner is a great idea. Consider implementing an email archiving system This will help your system recognize email that is consistent with your industry, regulatory requirements and corporate culture. Sophisticated software and hardware are just part of the whole picture of securing your emails and computer systems and you should not forget that a community of compliant and well-informed employees is needed as well. It is highly pertinent that they are trained to avoid risky behaviors that might compromise your business’s online security from the start. All things considered, email security is a two-way thing and that any outgoing data is as harmful as what comes in. Hence, you should always be mindful of ongoing events and have countermeasures in place to mitigate the effects of any malicious email content. The post 5 Email Security Must-Do’s For Your Business appeared first on Ntiva.

How To Maintain A Server Room Like A Pro

A server room can be considered one of the most important aspects of an IT environment. Most of these rooms utilize large amounts of cables and without adequate care, they could get entangled over time. In this case, traditional clean up practices will not work well on sensitive electronics. Cable entanglement is not only the problem you will face as excessive accumulation of dust is another issue too. Over time, innumerable amounts of dust can pile up within any exposed hardware which may also affect the performance of certain systems. These common server room situations should be avoided from the start and it is pertinent that you keep the room clean, tidy and organized. Here are some of the best ways to go about it. Keeping server room dust at bay If the old feather duster is unable to tackle those hard-to-reach spots in the server room, you should opt for compressed gas canisters as well as a modern electric duster instead. The latter is able to tackle large scale environments like a server room. It is recommended that you go for electric dusters that come with a 500-watt motor to blast dust off crevices and fans in the most effective manner. You will also quickly notice that your investments for such equipment will pay off for itself. If you plan to utilize some sort of AC vacuum device within the premises, you may want to plug the device into an outlet that’s away from the server room. Although this sounds like some kind of superstition, let’s play it safe by not disturbing equilibrium of a server environment. Good cable management is essential for a well-maintained server room That spaghetti mess is something that everyone is familiar with and how bad that is will depend on how well you set up the cables within the room. They should be arranged in the neatest way possible, especially if they are in close proximity with server racks. Here are a few simple practices to keep in mind: Use colored labels and codes to save on maintenance time down the road. Whether the cable is used for printers or VoIP devices, they must be of a different color. To label your cables, try heat-shrink tube labels. They can easily fit around the cable heads. You should never group network and power cables together, as the power lines can cause interference. Velcro cable ties are great tools here as they are easy to reuse. Always measure your cables as using inappropriate lengths are simply too wasteful. Once you’ve measured the right length, cut the excess with a cable crimper. Contemplating whether to mop your server rooms? As you already know, reckless usage water is not recommended in a room full of sensitive and expensive electronic equipment. You might want to engage the assistance of a professional cleaning service that has adequate experience and skills to actualize the clean-up plan. Speaking of which, you will want to be mindful of where you install any electronic gear such as air conditioning units as they can drip water. If you feel that you need help with managing your server room, don’t hesitate to contact us at Ntiva for more tips. The post How To Maintain A Server Room Like A Pro appeared first on Ntiva.

5 Things To Look For When Hiring An IT Consultant

Finding the right IT consultant for your organization can be a tedious process, and once you’ve found the perfect company or individual, you must also be able to convey the needs of your organization in a manner that they can understand. While there may appear to be a large number of vendors available, finding those who have both the technical knowledge and personality traits which are needed for your company can be challenging. Below are some characteristics to look for when selecting IT consultants to manage your IT needs: Adequate Knowledge and Experience IT encompasses a wide variety of different environments and technologies. Therefore, the most ideal candidates are those who can navigate the various areas of information technology while also providing reliable guidance and expertise. IT consultants with sufficient experience and knowledge will instinctively understand the needs of their clients and can provide quality IT solutions to them. In fact, without adequate knowledge and experience, even if you hire IT talent that has a list of other outstanding qualities, you will not be able to get value for your investment. Compatible Personality with Your Company’s Culture While the technical credentials are important, the IT specialists must also have a personality which is compatible with the culture of your institution. They must be capable of working well with others, sharing their ideas, and advising the team on any matters which are IT related. If your company values timeliness for example, you will have to look for IT guys who pay a strict adherence to deadlines. Ethical and Honest Any consultants you hire must be capable of maintaining the integrity of your organization, as well as its goals. It is one thing to know what’s right when it comes to technical matters, but a consultant must also look out for the best interests of the organization. One way to get a feel a feel for their ethics is to present them with “what if” scenarios, and then listen carefully to their responses. Ambitious and Forward-Looking The most ideal candidates are those that go above and beyond what is required of them. They understand the big picture, and how the actions they take today will affect the organization tomorrow. Most reputable IT candidates will be well educated and experienced; but finding one that is willing to go beyond what is required is quite rare. Additionally, a good IT consultant should be capable of both continuous learning and teaching others. Quick Adaptability Information technology is a field that is constantly changing and evolving, and what is popular today can easily become passé tomorrow. Therefore, one of the most valuable traits that should be sought after in IT consultants is their adaptability. Not only should a consultant be open to change, but he or she should also be able to rapidly adapt to it. Only then can they succeed with an implementation, especially when the end results are determined by both standards as well as protocols. Remember, because information technology is a rapidly change industry which is high in demand, it is important for organizations to choose their consultants with care. In additional to experience and education, an emphasis must also be placed on other interpersonal traits, as shown above in the post. The post 5 Things To Look For When Hiring An IT Consultant appeared first on Ntiva.

Office 2016 – The Cool New Features You Will Love

Microsoft has done a lot of changes in Office 2016, and while some of the features are only a slight leap from Office 2013, there are enough improvements and enhancements to garner interest, even in light of the availability of free productivity tools such as Google Docs. Below are five key features that give Office 2016 an edge over the competition: Document Editing in Real Time The key to successfully working with a team is collaboration, and Office 2016 offers this by allowing you to see what your co-workers or friends are doing as you edit documents. This is done in real time, which means that you will see the names of your co-workers appear in miniature boxes whenever they edit a specific area. “Clutter” Automatically Organizes Your Inbox Keeping an inbox organized is a task that many of us dread. In the past it had to be done manually, which was a tedious, time consuming process. With Office 2016 Microsoft has introduced a new feature called Clutter, which scans your inbox and moves email which is considered non-essential to a specified folder. Even better, Clutter is an adaptive program, meaning it “learns” from the actions of the user and how they organize their email, and will then behave accordingly. Interface Features Vibrant Colors With Office 2016, Microsoft takes the colors most associated with this software and places them further within the ribbon type interface. While this may seem like a small change to previous Office users, it is one part of Microsoft’s strategy to create a superior experience. In addition to the default colors that come with the software, users can also download and use unique themes. It Shows You What to Do and How to Do It Office 2016 introduces a cutting edge feature called “Tell Me” which makes it easier for newbies to learn the software. While previous versions of Office used Clippy, “Tell Me” does more than merely show the user what to do; it also teaches them how to do it. This feature is Important because it helps new users overcome the learning curve that is typically associated with these type of programs. Increased Integration with Excel If you’re a power user who frequently performs complex operations in Excel, you will be pleased to learn that Microsoft has integrated numerous add-ons directly into the user interface of Office 2016, which means that its business intelligence capabilities are greatly enhanced. This means that users will be capable of handling a larger number of data sources, and they will also be able to analyze this data much more rapidly. Microsoft has also added a new selection of graphs as well as charts. Remember that Office 2016 is not a quantum leap over its predecessors; it was never meant to be. It is a gradual improvement, which is exactly what you would expect from such a widely used program. All in all, it offers something for everyone, whether you’re new to the software or an Office veteran who has used it for years. That’s why when you are doing the next round of device renewal, we will highly suggest that you install Office 2016 on your computers.   The post Office 2016 – The Cool New Features You Will Love appeared first on Ntiva.

What Are Managed IT Services?

Managed IT services involve the proactive handling of IT assets. The asset will typically be managed by Managed Service Providers (MSPs). They manage IT assets for their customer, and unlike reactive IT programs which have been around for years, MSPs are a more recent development. MSPs have become popular with both small and large enterprises due to their cost effectiveness and efficiency. Why Managed Services are Beneficial Technology is changing rapidly, and many businesses are finding it challenging to adapt to cutting edge technologies such as cloud storage or video conferencing, while simultaneously reducing their costs and remaining within their budget. Managed services have become the preferred solution for adapting to newer technologies with ease while also managing costs. Managed services are capable of scaling a business in a manner that was extremely difficult and expensive to perform in the past. The reason for this is because the necessity for onsite infrastructure has been reduced. In the past, these services required power facilities for the backup of data and for disaster recovery, as well as cooling units and large amounts of space. Key Service Features from MSPs MSPs are comprised of a number of features which make them distinct. They will offer an NOC, or Network Operation Center, and they will also offer a help desk for clients. Additionally, MSPs are capable of remotely assessing and handling most of a customer’s IT assets. These solutions will all be provided with a billing system that is predictable, which gives the customer both reassurance and accuracy regarding their information technology expenses. While MSPs may seem generic and standardized to some, there are many variations which can offer customized services for clients. Some common examples of MSP solutions involve cloud storage, server maintenance, hosting, cyber security and management for mobile devices. When clients need to design their approach, or implement newer infrastructure into their environments, quality MSPs will offer the capabilities they need. Managed Services for Vertical Markets In addition to the variety of services that MSPs cover, they are also compatible with numerous vertical markets. Some examples of these vertical markets include financial and legal services, as well as healthcare. Managed services are sought after in all of these industries, and more. Managed Services Gives You Access to Top IT Talent Pool & Resources Quality MSPs will provide you access to a pool of personnel, knowledge and technology which is used to run the networks of large, multi-million dollar enterprises. The services will be managed, assessed and maintained 24/7 by teams and systems which work together seamlessly. When it comes to data, there can be so many diverse demands that the efficient handling of the data environment can be challenging for IT departments. It is for this reason that many providers emphasize high end solutions for data management, which encompasses archiving, and storage, as well as disaster backup and recovery. Because the technology involved with data has become advanced, MSPs can offer newer solutions that give enterprises an edge. If you are ready to learn what managed IT services can do for your business, talk to us at Ntiva. The post What Are Managed IT Services? appeared first on Ntiva.

Cyber Security Tips For Businesses And Employees

Many companies don’t realize that the greatest threat to cyber security may come from within. Research shows that employees who are untrained often constitute the greatest threat to the organizations they work for, particularly federal agencies. Additionally, institutions that do not implement programs for security awareness might experience security breaches which are 4 times higher than institutions that do implement such measures. Too many institutions focus on external threats while ignoring those that are internal. While some employees intentionally compromise the companies they work for, others may do so through negligence, insufficient training or security protocols which are vague or even non-existent. Security breaches can result from something as simple as sending an email to the incorrect recipient, or opening documents which have been sent by unknown parties. Another problem is the usage of passwords which are weak and easily compromised. Tips for Businesses If an organization doesn’t have security protocols, they should implement them. Many small businesses think that there is little need for them to implement such measures, but size is irrelevant when it comes to cyber security. Security measures should also be enforced, with consequences for employees that violate them. Here are some other tips: Businesses that handle any type of data which is sensitive, such as the credit card information of their customers should take security seriously and become PCI compliant. Any business that operates on the web must implement cyber security measures. This includes data signatures, firewalls, payment gateways and strong passwords which are changed periodically. Companies large or small should implement basic security training for their employees. This includes the creation and proper management of passwords, how to properly secure email communications, and the importance of shredding documents which contain sensitive information. Tips for Employees Employees are the first line of defense when it comes to an institution’s cyber security. Some best practices include: Make sure that all passwords are no less than 12 characters long, and should include letters, numbers and symbols. Passwords should never be shared, even with other employees. It should be changed every three months, and the same password should never be used more than once. Some viruses are designed to infiltrate email, so it is important to make sure your anti-virus software protects your inbox. Never open attachments from untrusted sources, and avoid responding to emails that request sensitive information about the company. Pay attention to where you’re sending your emails. Glance up at the “send to” field before hitting the “send” button to ensure you’re sending to the right party, especially if you’re about to send information which is sensitive. Because more people are using portable devices such as laptops, tablets and smart phones, there is increased risk of these devices being stolen, which compromises all the data held on them. This is why it is important to secure these devices at all times, as well as using strong encryption. In order for an institution to remain secure, both its employees and the organization as a whole must design, implement and follow security measures. Employees that don’t comply should face disciplinary action or even termination, as the consequences of a data breach can be truly devastating. The post Cyber Security Tips For Businesses And Employees appeared first on Ntiva.

How Proactive Maintenance Can Save You Money

We are aware of the initial thoughts that run through the minds of business owners, which pertain to the skepticism of procuring ongoing network maintenance services when everything seems fine as it is. And there are seemingly more important matters to worry about, like the core functions of your business. But you should consider how time-consuming and devastating an emergency crash or technical error can be to your IT network. Network downtime is unacceptable in any business and you can’t afford to lose hours or days of work or impede your employees’ progress with their own work. When a network failure occurs, you will most likely spend more money and time fixing it instead of directly investing the money on your business’s productivity. Why Proactive Maintenance is Needed Proactive maintenance will come with tools and services that will increase the availability and reliability of your network system. It will keep your network healthy and minimize the occurrence of a costly outage. Coupled with active remote monitoring, the service will be performed on a scheduled basis and your providers will be alerted when an impending outage may occur or has occurred. This knowledge is also crucial to reduce the total number of network outages and the duration of an outage, if one has occurred. What Can You Expect from Proactive Maintenance? Proactive maintenance will maintain both software and hardware at their current release levels to update security, add enhancements and fix bugs. It will identify issues that are capable of causing a potential outage, by checking resource usage, past system alerts and log records. Proactive maintenance also helps businesses to keep up with the pace of changes in IT, ensuring that all network systems are compatible with today’s standards. How Does This Service Help You Save Money? As proactive maintenance is all about detecting future problems, the amount you will be able to save will definitely be significantly lesser than the price of emergencies, downtime and major network repairs. Network service repairs usually cost more than computer repairs, and can range between $75 and $100 or substantially more at a time. However, this depends on the difficulty and extent of the network problem and there is no guarantee that the average network repair technician can solve all your problems. Additionally, the costs of downtime are calculated by how much money you will lose for each hour. To let you in on the full extent on how downtime can affect a company, there has been a case of a company losing $11,000 per minute until repairs were completed! As mentioned, proactive maintenance can reduce the duration of an outage which in turn saves the company more money – of course, the amount of money a company saves varies according to its business scale. An increasing number of businesses today are working with an outdated network either due to neglect or lack of adequate knowledge. Such networks are also fast becoming inefficient and this increases the risk of a major network downtime. In fact, more than 90% of network downtime is caused by preventable failures. With that said, there are many things that are happening within your network that you may not be aware of. If you want to ensure your network’s uptime and understand the best remedy is prevention, don’t hesitate to contact Ntiva today about our proactive maintenance service! The post How Proactive Maintenance Can Save You Money appeared first on Ntiva.

Managed IT Services: 4 Cost-Saving Benefits You Simply Cannot Ignore

A poorly managed IT infrastructure is a pain for any business to fix. If this is giving you a headache you can’t shake off, you should get managed IT services to help you sort out certain IT support tasks while you focus on your core business. If you are having trouble in deciding whether or not to use a managed IT service, simply take a step back to look at the potential benefits that are available to you and understand how they align with your business goals. Prompt and Professional Assistance It may be a cliché, but time is money and there is no way you can deny that. With that said, the saying becomes even more evident when you are struggling to solve an IT issue and business productivity is disrupted. When you make use of managed IT services, your employees and you will no longer need to solve technical issues in a frenzy and neglect your own job scope. Instead, you will have quick access to an IT talent pool which can solve your problem within a short span of time. Initial Investments You Can Afford One of the biggest benefits of managed IT services is that they help you offset hefty initial costs from other types of technologies. Rather than squandering thousands of dollars on software and hardware that you need, you are better off starting with a substantially lower monthly fee. This will allow you to redirect your resources where they are truly needed, instead of having your hands tied from the procurement of expensive applications and equipment. Increase Efficiency in the Workplace When you hire an employee, you will likely hire them for specific skills and expertise in a particular area. You do not want your accounts manager to work on IT problems, when they are supposed to focus on their main responsibilities. With managed IT services, you do not need to distract your employees with tasks that fall outside their skill set. Just outsource your IT matters to a team of experts that can resolve issues quickly while everything is running concurrently and efficiently. Better Economies of Scale As your business grows larger, so must the various structures that support it. When you engage the services of a managed IT service, you can scale your business up with relative ease through a quick discussion with your provider. For instance, you can quickly get rid of a certain application when you are not using it in cloud computing or in another example, you can accommodate more users immediately. Managed IT services are the best in terms of its flexibility and capability to expand and contract based on your business requirements. This is very beneficial for a business that is still in its early years or during times of significant growth when a change occurs on a moment’s notice. All in all, managed IT services offer a myriad of cost-saving benefits, regardless whether a small or large business is involved. Take some time to contemplate on how managed IT services will impact your bottom line and daily work. Do also consider how much you can save in the process, and how you can reinvest that money back into your own business. The post Managed IT Services: 4 Cost-Saving Benefits You Simply Cannot Ignore appeared first on Ntiva.

What Types Of Businesses Need Cloud Collaboration Capabilities?

Cloud computing is known as a method of utilizing a network of remote servers that are accessible via an Internet connection to process, manage and store data. Cloud collaboration enables more than one employee in the same company to work together on a file or document which is usually stored offsite. How do you know if your business is suited for cloud collaboration? Read on to find out if your business falls into any of these scenarios: You Experience IT Issues Regularly It may seem that no matter how well you maintained your business’s IT infrastructure and computer systems, you can still end up with problems. If you are running a small business and need to deal with these persisting problems, it can take up a lot of labor hours and these hours eventually add up to days which could be better spent on increasing productivity instead. In this case, your business can benefit from cloud collaboration tools. Not only is there minimal onsite equipment to maintain, you will have a trusted IT partner that can handle all the maintenance aspect of your cloud infrastructure. You Have Employees That Work Remotely Certain businesses are located at multiple locations, and employees who are on the same team may be working with each other over long distances. Thus, cloud collaborative tools will allow them to access and edit the same project documents in real time. Apart from saving you more money and time in the long run, here are some more reasons why they are needed in your business: It allows your employees to be more productive. Big companies such as Best Buy have reported that teleworkers are 40% more productive and they can reduce a significant amount of your company’s travel budget. It minimizes the occurrences of your employees referencing or updating the wrong data file. As it will be much easier for your employees to keep track of ongoing activities, they can execute their tasks at a faster rate than before. It eliminates many hassles of sending edited documents via email to other team members. Traditional methods are time-consuming and there is a risk that the mail does not send out at all when a technical fault arises. You Have a Growing Business When your business is growing and you need to hire more employees, engaging cloud services is a good move, especially when you are seeking scalability. With legacy IT infrastructure, you will most likely need to procure more equipment and hire more people as your business grows. Cloud collaboration solutions on the other hand are extremely scalable. No matter how fast your company grows, you will always have full access to cloud solutions that best meet your needs. You will never go wrong when you decide to invest in cloud computing for your business. You will be able to increase overall productivity within a lesser amount of time. Also, the capabilities of cloud collaboration allow you to manage peaks and valleys in your stride while ensuring you only pay for what you need. Talk to us at Ntiva today if you want to experience what the cloud can do for your business! The post What Types Of Businesses Need Cloud Collaboration Capabilities? appeared first on Ntiva.

Recommended Content